× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5ab9fd8a4de15af60d8a0ef18b7f54e461bbd07565713fef89b4bdf7c6fa701f
File name: WallPaperAgent.exe
Detection ratio: 0 / 45
Analysis date: 2013-08-13 02:51:41 UTC ( 5 years, 8 months ago ) View latest
Antivirus Result Update
Yandex 20130812
AhnLab-V3 20130812
AntiVir 20130813
Antiy-AVL 20130812
Avast 20130813
AVG 20130812
BitDefender 20130813
ByteHero 20130724
CAT-QuickHeal 20130812
ClamAV 20130813
Commtouch 20130813
Comodo 20130813
DrWeb 20130813
Emsisoft 20130813
ESET-NOD32 20130812
F-Prot 20130813
F-Secure 20130812
Fortinet 20130813
GData 20130813
Ikarus 20130813
Jiangmin 20130812
K7AntiVirus 20130812
K7GW 20130812
Kaspersky 20130813
Kingsoft 20130723
Malwarebytes 20130813
McAfee 20130813
McAfee-GW-Edition 20130812
Microsoft 20130812
eScan 20130813
NANO-Antivirus 20130812
Norman 20130812
nProtect 20130812
Panda 20130812
PCTools 20130812
Rising 20130812
SUPERAntiSpyware 20130813
Symantec 20130813
TheHacker 20130813
TotalDefense 20130812
TrendMicro 20130813
TrendMicro-HouseCall 20130813
VBA32 20130812
VIPRE 20130813
ViRobot 20130813
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
Copyright (C) 2009

Product WallPape Application
Original name WallPape.exe
Internal name WallPape
File version 1.0
Description WallPape Application
Signature verification The digital signature of the object did not verify.
Signing date 3:22 AM 4/7/2019
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2009-09-25 02:18:12
Entry Point 0x00002A8E
Number of sections 5
PE sections
Overlays
MD5 817ae1a1986c4ab7ccd50e93be9cfe38
File type data
Offset 112640
Size 3248
Entropy 7.09
PE imports
RegCloseKey
GetProgramFilePathW
DbgOutputW
?GetCount@CPtrListCtrl@@UBEHXZ
Gdiplus_DeleteBitmap
ReadDwordRegKeyW
FillRectBackGround
SendRemoteMessage
OpenRootRegKeyW
CombinePathNameW
Internal_DelArrayListW
ReadBinaryRegKeyW
WriteBoolRegKeyW
IsSpecialWindowW
ReadBoolRegKeyW
Internal_DeleteArray
Gdiplus_GetHBitmap
IsFileArchiveW
GetRemoteDllHandleByDllNameW
??1CPtrListCtrl@@QAE@XZ
WriteDwordRegKeyW
Gdiplus_Init
?GetAt@CPtrListCtrl@@UAEPAXH@Z
?DeleteAll@CPtrListCtrl@@UAEXXZ
WriteBinaryRegKeyW
??0CPtrListCtrl@@QAE@XZ
?AddData@CPtrListCtrl@@UAEHPAXH@Z
Gdiplus_DeInit
FixToFileNameW
GetProcessIDByNameW
UpdateProcessPrivilegeW
?DeleteAt@CPtrListCtrl@@UAEPAXHH@Z
Gdiplus_LoadBitmapFromFileW
DrawBitmap
ReadStringRegKeyW
ReadRegKeyLengthW
GetFileExtNameW
ComposeStringBySymbolW
RegisterDllToRemoteProcessW
WriteStringRegKeyW
DevideStringBySymbolW
Gdiplus_DisposeBitmapByMode
DeleteObject
QueryPerformanceCounter
GetLastError
InitializeCriticalSectionAndSpinCount
HeapFree
GetStdHandle
EnterCriticalSection
LCMapStringW
SetHandleCount
TerminateThread
GetModuleFileNameW
WaitForSingleObject
SetEvent
LCMapStringA
IsDebuggerPresent
GetTickCount
TlsAlloc
GetEnvironmentStringsW
LoadLibraryA
RtlUnwind
GetModuleFileNameA
GetLocalTime
VirtualFree
DeleteCriticalSection
GetCurrentProcess
GetWindowsDirectoryW
GetLocaleInfoA
InterlockedIncrement
OpenProcess
GetCommandLineW
WideCharToMultiByte
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetCPInfo
WaitForMultipleObjects
GetSystemPowerStatus
TlsFree
GetStartupInfoW
ExitProcess
RaiseException
InitializeCriticalSection
CreateThread
GetStringTypeA
SetUnhandledExceptionFilter
WriteFile
GetStartupInfoA
CreateMutexW
CloseHandle
GetSystemTimeAsFileTime
GetACP
HeapReAlloc
GetStringTypeW
GetModuleHandleW
GetOEMCP
TerminateProcess
CreateEventW
IsValidCodePage
HeapCreate
CreateProcessW
TlsGetValue
Sleep
GetFileType
TlsSetValue
HeapAlloc
GetCurrentThreadId
GetProcAddress
VirtualAlloc
GetCurrentProcessId
SetLastError
LeaveCriticalSection
RegisterClassExW
GetParent
UpdateWindow
EndDialog
PostQuitMessage
DefWindowProcW
KillTimer
GetMessageW
ShowWindow
GetWindowThreadProcessId
GetSystemMetrics
SetWindowLongW
EndPaint
DialogBoxParamW
TranslateMessage
GetWindow
PostMessageW
DispatchMessageW
BeginPaint
SendMessageW
IsWindowVisible
LoadStringW
GetClientRect
SetTimer
CallWindowProcW
GetDesktopWindow
LoadCursorW
LoadIconW
FindWindowExW
CreateWindowExW
LoadAcceleratorsW
GetWindowLongW
TranslateAcceleratorW
DestroyWindow
PE exports
Number of PE resources by type
RT_ICON 16
RT_GROUP_ICON 2
RT_DIALOG 1
RT_MANIFEST 1
RT_STRING 1
RT_MENU 1
RT_ACCELERATOR 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 23
CHINESE SIMPLIFIED 1
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
9.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
Chinese (Simplified)

FileFlagsMask
0x003f

FileDescription
WallPape Application

ImageFileCharacteristics
Executable, 32-bit

CharacterSet
Unicode

InitializedDataSize
73728

EntryPoint
0x2a8e

OriginalFileName
WallPape.exe

MIMEType
application/octet-stream

LegalCopyright
Copyright (C) 2009

FileVersion
1.0

TimeStamp
2009:09:25 04:18:12+02:00

FileType
Win32 EXE

PEType
PE32

InternalName
WallPape

ProductVersion
1.0

SubsystemVersion
5.0

OSVersion
5.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Oceanis

CodeSize
37888

ProductName
WallPape Application

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 0a60b80df8e0fd580ed65472b586284e
SHA1 3c5a8f62f084bdb25e403998344067333e1231d0
SHA256 5ab9fd8a4de15af60d8a0ef18b7f54e461bbd07565713fef89b4bdf7c6fa701f
ssdeep
1536:szt1uLd2dTFq7SiqkYWg9yi85LaqDSpQ/kC:szt1uLdHGWg9yX5LaeSpQ/

authentihash 77821e62ee917b0a7e2893c07271620d1ae349ae0576eca11a9cd6f0c9fa47de
imphash 6413ccd1b81d36b26cb84592f7f5ff77
File size 113.2 KB ( 115888 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID InstallShield setup (49.0%)
Win64 Executable (generic) (31.4%)
Win32 Dynamic Link Library (generic) (7.4%)
Win32 Executable (generic) (5.1%)
OS/2 Executable (generic) (2.3%)
Tags
peexe overlay

VirusTotal metadata
First submission 2009-12-23 00:11:01 UTC ( 9 years, 3 months ago )
Last submission 2017-10-26 00:11:08 UTC ( 1 year, 5 months ago )
File names WALLPAPERAGENT.EXE.Muestra EliStartPage v28.88
WALLPAPERAGENT.EXE.Muestra EliStartPage v24.07
WALLPAPERAGENT.EXE.Muestra EliStartPage v24.04
WALLPAPERAGENT.EXE.Muestra EliStartPage v24.20
wallpaperagent.exe
WALLPAPERAGENT.EXE.Muestra EliStartPage v29.15
WALLPAPERAGENT.EXE.Muestra EliStartPage v34.08
WALLPAPERAGENT.EXE.Muestra EliStartPage v24.99
WALLPAPERAGENT.EXE.Muestra EliStartPage v33.63
WALLPAPERAGENT.EXE.Muestra EliStartPage v30.53
0a60b80df8e0fd580ed65472b586284e
file-3093827_exe
WALLPAPERAGENT.EXE.Muestra EliStartPage v22.97
WALLPAPERAGENT.EXE.Muestra EliStartPage v23.59
WallPaperAgent.exe
WALLPAPERAGENT.EXE.Muestra EliStartPage v31.35
WALLPAPERAGENT.EXE.Muestra EliStartPage v26.00
WALLPAPERAGENT.EXE.Muestra EliStartPage v26.65
WALLPAPERAGENT.EXE.Muestra EliStartPage v24.52
WallpaperAgent (v1.0.0.0).exe
WALLPAPERAGENT.EXE.Muestra EliStartPage v32.83
WALLPAPERAGENT.EXE.Muestra EliStartPage v29.08
WallPape
WALLPAPERAGENT.EXE.Muestra EliStartPage v25.62
WALLPAPERAGENT.EXE.Muestra EliStartPage v29.37
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!